On 21/05/15 11:18, Fabricio Cannini wrote: > What are your opinion(s) about the subject? Good idea or overkill ?
One of my concerns has always been that as these images age without without updates then their exposure to known security holes increases. That seems to be born out by this recent survey: http://www.banyanops.com/blog/analyzing-docker-hub/ # Over 30% of Official Images in Docker Hub Contain High Priority # Security Vulnerabilities # # [...] Surprisingly, we found that more than 30% of images in # official repositories are highly susceptible to a variety of # security attacks (e.g., Shellshock, Heartbleed, Poodle, etc.). # For general images – images pushed by docker users, but not # explicitly verified by any authority – this number jumps up # to ~40% with a sampling error bound of 3%. [...] All the best, Chris -- Christopher Samuel Senior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: [email protected] Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci _______________________________________________ Beowulf mailing list, [email protected] sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
